Fundamental Global Inc. - (FGF)

10-K Filing Date: March 14, 2024
ITEM 1C. CYBERSECURITY

 

Material risks from cybersecurity threats are managed across the Company, third-party suppliers and vendors. Monitoring such risks and threats is integrated into the Company’s overall risk management program.

 

The Company regularly assesses risks from cybersecurity and technology threats and monitors information systems for potential vulnerabilities. The Company maintains technical and organizational safeguards, including risk awareness education, employee training, incident response capability exercises, and cybersecurity insurance for the protection of the Company’s assets. With the goal of minimizing disruption, the Company also leverages a third-party specialist to identify, prioritize, assess, mitigate, and remediate risks within our network and to assist in implementing processes to oversee and identify material risks from cybersecurity threats associated with third-party service providers.

 

Our operations depend on our ability to process our business timely and efficiently and protect our information systems from physical loss or unauthorized access. A sustained business interruption or system failure could adversely impact our ability to perform necessary business operations promptly, hurt our relationships with our business partners and customers, and have a material adverse effect on our financial condition and results of operations.

 

In the event of an incident, the Company focuses on responding to and containing the threat and minimizing any business impact, as appropriate. In the event of an incident, Senior Management assesses, among other factors, safety impact, data loss, business operations disruption, projected cost and potential for reputational harm.

 

To date, the Company has not experienced any material cybersecurity incidents. For a discussion of whether any risks from cybersecurity threats are reasonably likely to materially affect the Company, including its business strategy, results of operations or financial condition, See “Item 1A. Risk Factors — Technology and Operational Risks.”

 

The Chief Financial Officer leads the implementation of information system controls and is responsible for monitoring the controls to ensure they remain appropriate. The Chief Financial Officer has the proper credentials and relevant experience given the environment in which the Company operates, The Audit Committee of the Board, with input from Senior Management, primarily the Chief Financial Officer, assesses the Company’s cybersecurity, other information technology risks, threats, and the measures implemented by the Company to mitigate and prevent cyberattacks. The Audit Committee will elevate any issues identified as potential threats to the attention of the Board. In addition, the Board of the Company oversees our annual enterprise risk assessment and receives periodic reports on the Company’s cybersecurity controls.

 

14